<?php
include("inc/global.inc");
$url=$_SERVER['HTTP_REFERER'];
if($_POST['c_code']){
   if($_POST['c_code']==$_SESSION['chkCode']){
   if($_POST['logUserName']){
$rs=mysql_query("select id,m_psw,m_user from member where m_user='$_POST['logUserName']'");
$row=mysql_fetch_array($rs);
if($row['id']){
if($row[m_psw]==substr(md5($_POST['logPassword']),7,19)){
@mysql_query("update member set m_logintime='".date("y-m-d H:i:s")."' where id='".$row['id']."'");
setcookie("user_id",$row['id'],time()+86400,"/","sandib2b.cn");
setcookie("user_name",$row[m_user],time()+86400,"/","sandib2b.cn");
echo "<script>alert('登陆成功');location='$url';</script>";
}else{
echo "<script>alert('密码错误');location='$url';</script>";
}
}else{
echo "<script>alert('用户名错误');location='$url';</script>";
}
}

   }else{
     echo "<script>alert('验证码错误');location='$url';</script>";
   }
}
?>